Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-10 CVE-2024-45116 Cross-site Scripting vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code.
network
low complexity
adobe CWE-79
8.1
2024-10-10 CVE-2024-45117 Unspecified vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read.
network
low complexity
adobe
7.6
2024-09-13 CVE-2024-43756 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Photoshop
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-119
7.8
2024-09-13 CVE-2024-43760 Out-of-bounds Write vulnerability in Adobe Photoshop
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
2024-09-13 CVE-2024-45108 Out-of-bounds Write vulnerability in Adobe Photoshop
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
2024-09-13 CVE-2024-45109 Out-of-bounds Write vulnerability in Adobe Photoshop
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
2024-09-13 CVE-2024-45113 Improper Authentication vulnerability in Adobe Coldfusion 2021/2023
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation.
network
low complexity
adobe CWE-287
7.5
2024-09-13 CVE-2024-34121 Integer Overflow or Wraparound vulnerability in Adobe Illustrator
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-190
7.8
2024-09-13 CVE-2024-39380 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe After Effects
After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-119
7.8
2024-09-13 CVE-2024-39381 Out-of-bounds Write vulnerability in Adobe After Effects
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8